
	<?php include './dbInclude.php';?>
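    <?php
    /*
     * Order placement handler: reads the order form fields from POST, calls the
     * place_order stored procedure with the client id held in the session, and
     * redirects back to orderpanel.php with a status message in ?msg=.
     *
     * Anything emitted before this opening tag (including the whitespace in
     * front of it) is output that precedes ob_start(), so session_start() and
     * header() depend on output_buffering being enabled in the PHP configuration.
     *
     * NOTE(review): no anti-CSRF token is checked before the order is placed;
     * confirm whether the order form issues one and verify it here.
     * NOTE(review): msg travels in the query string, so orderpanel.php must
     * HTML-escape it when rendering (that page is not visible here).
     */
    ob_start();
    session_start();

    // isset() guards avoid undefined-index notices when a field is absent.
    $clientID = isset($_SESSION['sess_client_id']) ? $_SESSION['sess_client_id'] : null;
    $instrID  = isset($_POST['cid']) ? $_POST['cid'] : null;
    $quantity = isset($_POST['qnty']) ? $_POST['qnty'] : null;
    $buy_sell = isset($_POST['buysell']) ? $_POST['buysell'] : null;

    // Request and session values are deliberately not echoed back: writing raw
    // POST data into the response body is a reflected-XSS sink and leaks the
    // client id whenever the page is rendered instead of redirected.

    // Same required fields as before (session client id, cid, qnty). Array-valued
    // POST fields (e.g. cid[]=x) are rejected as well because they cannot be bound
    // as strings. buysell is not required here; presumably place_order validates
    // it -- confirm.
    $missing   = empty($clientID) || empty($instrID) || empty($quantity);
    $malformed = is_array($instrID) || is_array($quantity) || is_array($buy_sell);

    if ($missing || $malformed) {
        $msg = 'Please fill all the fields';
    } else {
        // Generic fallback, used when the procedure returns an unexpected code or
        // the database call fails; internal error text never reaches the browser.
        $msg = 'Your order could not be placed. Please try again.';

        try {
            $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            // NOTE(review): autocommit is switched off and nothing in this script
            // calls commit(); presumably place_order commits on its own -- confirm,
            // otherwise the order is discarded when the connection closes.
            $dbh->setAttribute(PDO::ATTR_AUTOCOMMIT, FALSE);

            // All user-supplied values go in as bound parameters, never by
            // string concatenation.
            $sql = "CALL `place_order`(:clientID,:instrID, :quantity, :buy_sell, @pout_code,@pout_orderID, @pout_msg)";
            $stmt = $dbh->prepare($sql);

            $stmt->bindParam(':clientID', $clientID, PDO::PARAM_STR);
            $stmt->bindParam(':instrID', $instrID, PDO::PARAM_STR);
            $stmt->bindParam(':quantity', $quantity, PDO::PARAM_STR);
            $stmt->bindParam(':buy_sell', $buy_sell, PDO::PARAM_STR);

            $stmt->execute();
            // Release the CALL's result set before issuing the next query.
            $stmt->closeCursor();

            // Read back the procedure's OUT parameters from the session variables.
            $r = $dbh->query("SELECT @pout_code AS code, @pout_msg AS msg, @pout_orderID AS orderID")->fetch(PDO::FETCH_ASSOC);

            if ($r && $r['code'] === 'S') {
                $msg = 'Your order has beed placed with order ID-' . $r['orderID'];
            } elseif ($r && $r['code'] === 'E') {
                $msg = (string) $r['msg'];
            }
        } catch (Exception $e) {
            // rollBack() itself throws when no transaction is open, so guard it.
            if ($dbh->inTransaction()) {
                $dbh->rollBack();
            }
            // Keep driver/SQL details in the server log only; echoing
            // $e->getMessage() to the client discloses schema and query details.
            error_log('place_order failed: ' . $e->getMessage());
        }
    }

    // Encode the message so spaces and reserved characters cannot break or
    // extend the redirect URL, then stop so nothing else runs after the redirect.
    header('Location: ./orderpanel.php?msg=' . urlencode($msg));
    exit;
    ?>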
